صمتي سؤال

This is the result, so what does it mean?


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:52:51, on 30/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\Installer\MSI54.tmp
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ciuly\SVI Deleter\svi_deleter.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\wscntfy.exe
C:\DOCUME~1\esam\LOCALS~1\Temp\ir_ext_temp_0\AutoPlay\Docs\RRT.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Translate Client\translateclient.exe
C:\Program Files\TTMessenger\ttmessenger2.exe
C:\Program Files\TTMessenger\spool\PDFSaver.exe
c:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\SimpleCenter\bin\win\SCLAUN~1.EXE
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Documents and Settings\esam\My Documents\Downloads\Programs\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;<local>
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: ************ Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\************\tb4sha.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ************ Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\************\tb4sha.dll
O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - (no file)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: ************ Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\************\tb4sha.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [RRT-Auto] C:\DOCUME~1\esam\LOCALS~1\Temp\ir_ext_temp_0\AutoPlay\Docs\RRT.exe auto
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O10 - Unknown file in Winsock LSP: c:\program files\trafficcompressor\tcomplsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\trafficcompressor\tcomplsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\trafficcompressor\tcomplsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) -
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: 2009\mzvkbd.dll,2009\mzvkbd3.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Windows Live Family Safety (fsssvc) - Unknown owner - C:\Program Files\Windows Live\Family Safety\fsssvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\WINDOWS\Installer\MSI54.tmp
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: System Volume Information Deleter (SVI_Deleter_Ciuly) - Ciuly - C:\Program Files\Ciuly\SVI Deleter\svi_deleter.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

--
End of file - 11577 bytes
 

I ran the last tool, so what next?


Note that there are folders on my machine that I cannot delete:

RECYCLER
System Volume Information
autorun.inf
Desktop.ini
 

Awaiting your reply
 
I am still waiting for your reply
 
Do the following

wh_67363828.png


wh_20288410.png



Then click OK

Then

Disable your security programs
Then
Download the following tool and save it to the desktop

When you run it, a message will appear; click >> Yes
After that, a second message will appear; click >> Yes
During the scan the machine may restart
After the restart, the tool will start scanning a second time
Do not run any program, and however long the scan takes, wait until it finishes
Wait until a report appears, then copy it and paste it into your next post
 
ComboFix 09-07-29.03 - esam 08/06/2009 23:42.2.2 - NTFSx86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.502.315 [GMT 3:00]
Running from: c:\documents and settings\esam\My Documents\Downloads\Programs\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\tmp.reg

.
((((((((((((((((((((((((( Files Created from 2009-07-06 to 2009-08-06 )))))))))))))))))))))))))))))))
.

2009-08-05 23:20 . 2009-08-05 23:37 -------- d-----w- c:\documents and settings\esam\Application Data\Photo! 3D Album
2009-08-05 23:20 . 2008-09-15 13:49 3939328 ----a-w- c:\windows\Photo! 3D ScreenSaver.scr
2009-08-05 23:20 . 2009-08-05 23:20 -------- d-----w- c:\program files\Photo!
2009-08-05 23:06 . 2009-08-05 23:07 -------- d-----w- C:\Gheyab
2009-08-05 22:17 . 2009-08-05 22:17 -------- d-----w- c:\windows\Profiles
2009-08-05 22:17 . 2009-08-05 22:17 -------- d-----w- c:\windows\system32\Adobe
2009-08-05 22:17 . 2009-08-05 22:17 -------- d-----w- c:\documents and settings\esam\Application Data\InterTrust
2009-08-04 23:25 . 2009-08-04 19:35 630784 ----a-w- c:\documents and settings\esam\Application Data\Mozilla\Firefox\Profiles\anz6oc1o.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2009-08-04 23:25 . 2009-08-04 19:35 651264 ----a-w- c:\documents and settings\esam\Application Data\Mozilla\Firefox\Profiles\anz6oc1o.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\bdqscan.dll
2009-08-04 23:25 . 2009-07-16 11:06 52224 ----a-w- c:\documents and settings\esam\Application Data\Mozilla\Firefox\Profiles\anz6oc1o.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\components\FFExternalAlert.dll
2009-08-04 23:25 . 2009-07-16 11:06 114688 ----a-w- c:\documents and settings\esam\Application Data\Mozilla\Firefox\Profiles\anz6oc1o.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\components\npmozax.dll
2009-08-04 22:01 . 2009-08-04 22:05 -------- d-----w- c:\program files\TrafficCompressor
2009-08-04 19:31 . 2009-08-04 19:31 -------- d-----w- c:\documents and settings\esam\Local Settings\Application Data\Centered Systems
2009-08-04 19:31 . 2009-08-06 17:37 -------- d-----w- c:\program files\SecCopy
2009-08-04 18:16 . 2008-03-05 19:54 2786532 -c--a-w- c:\documents and settings\All Users\Application Data\{6CF41A80-289A-4651-96E0-C4829485C662}\KE v5.5 Setup.exe
2009-08-04 18:16 . 2009-08-04 18:16 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{6CF41A80-289A-4651-96E0-C4829485C662}
2009-08-04 18:15 . 2009-08-04 18:16 -------- d-----w- c:\program files\Windows Live Messenger Khalid Edition v5.5 Arabic
2009-08-04 16:31 . 2009-08-04 16:31 -------- d-----w- c:\program files\LtUcx
2009-08-02 23:53 . 2009-08-02 23:53 -------- d-----w- c:\documents and settings\esam\DoctorWeb
2009-08-02 23:33 . 2009-08-02 23:33 -------- d-----w- c:\program files\Net Studio
2009-08-02 22:22 . 2009-08-02 22:22 -------- d-----w- c:\documents and settings\esam\Local Settings\Application Data\HP
2009-08-02 21:53 . 2009-08-06 20:08 -------- d-----w- c:\documents and settings\esam\Application Data\HPAppData
2009-08-02 21:15 . 2009-08-02 21:15 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2009-08-02 21:12 . 2009-08-02 21:12 -------- d-----w- c:\program files\Hewlett-Packard
2009-08-02 21:12 . 2009-08-02 21:12 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-08-02 21:10 . 2007-10-30 09:25 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2009-08-02 21:10 . 2007-10-30 09:25 49920 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2009-08-02 21:10 . 2007-10-20 15:25 117760 ----a-w- c:\windows\system32\hpzll5mu.dll
2009-08-02 21:09 . 2007-10-30 09:25 21568 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2009-08-02 21:07 . 2007-10-30 09:25 372736 ----a-r- c:\windows\system32\hppldcoi.dll
2009-08-02 21:07 . 2007-10-30 09:11 729088 ----a-r- c:\windows\system32\hpowiax7.dll
2009-08-02 21:07 . 2007-10-30 09:11 303104 ----a-r- c:\windows\system32\hpovst15.dll
2009-08-02 21:07 . 2007-10-30 09:11 581632 ----a-r- c:\windows\system32\hpotscl6.dll
2009-08-02 20:58 . 2009-08-02 21:41 173579 ----a-w- c:\windows\hpoins27.dat
2009-08-02 20:58 . 2008-01-18 15:56 932 ------w- c:\windows\hpomdl27.dat
2009-07-30 00:08 . 2009-07-30 00:08 -------- d-----w- c:\program files\Trend Micro
2009-07-29 01:45 . 2009-08-02 23:50 0 ----a-w- C:\osy3.sys
2009-07-28 21:15 . 2009-07-28 21:56 -------- d-----w- c:\program files\GVR
2009-07-28 20:47 . 2009-07-28 20:50 -------- d-----w- c:\program files\Setup .exe
2009-07-28 20:46 . 2009-07-29 23:29 -------- d-----w- c:\program files\Speed Startup
2009-07-28 20:16 . 2009-07-28 20:52 -------- d-----w- c:\program files\EsetOnlineScanner
2009-07-28 20:07 . 2009-08-04 21:16 -------- d-----w- c:\documents and settings\esam\Application Data\QuickScan
2009-07-28 19:58 . 2009-07-28 19:58 -------- d-----w- c:\program files\Ciuly
2009-07-27 10:12 . 2009-07-27 10:12 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\************
2009-07-27 10:12 . 2009-07-27 10:12 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Freecorder
2009-07-27 10:12 . 2009-07-27 10:12 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-07-27 06:40 . 2009-07-27 06:40 -------- d-----w- C:\ERDNT
2009-07-27 06:40 . 2009-07-27 06:40 -------- d-----w- c:\windows\ERUNT
2009-07-27 06:40 . 2009-08-03 00:07 -------- d-----w- C:\!FixIEDef
2009-07-26 02:27 . 2009-07-26 02:27 -------- d-----w- c:\documents and settings\esam\Local Settings\Application Data\Apple
2009-07-26 02:26 . 2009-07-26 02:26 -------- d-----w- c:\program files\Apple Software Update
2009-07-26 02:26 . 2009-07-26 02:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-07-26 01:12 . 2009-07-26 01:12 -------- d-----w- c:\program files\MSN Reaper
2009-07-22 21:30 . 2003-11-15 19:27 118872 ----a-w- c:\windows\system32\PXC25uis.dll
2009-07-22 21:30 . 2003-09-15 00:36 390656 ----a-w- c:\windows\system32\pdfxclib.dll
2009-07-22 21:30 . 2003-08-15 21:15 109568 ----a-w- c:\windows\system32\pdfxcpro.dll
2009-07-22 21:30 . 2003-08-15 21:12 144896 ----a-w- c:\windows\system32\xc_parse.dll
2009-07-22 21:30 . 2003-07-31 16:02 8704 ----a-w- c:\windows\system32\pdfxcds.dll
2009-07-22 21:30 . 2003-05-18 16:37 157184 ----a-w- c:\windows\system32\img_xchg.dll
2009-07-22 21:30 . 2003-04-13 22:08 185344 ----a-w- c:\windows\system32\Img_cdx.dll
2009-07-22 21:30 . 2003-02-05 18:06 45142 ----a-w- c:\windows\system32\PXC25s.dll
2009-07-22 21:30 . 2009-07-22 21:30 -------- d-----w- c:\program files\TTMessenger
2009-07-22 19:02 . 2009-07-22 19:02 208616 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-07-22 19:02 . 2009-07-22 19:02 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-07-22 19:01 . 2009-07-22 19:02 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-07-22 18:23 . 2009-07-22 19:02 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-07-22 18:23 . 2009-07-22 19:02 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-07-22 18:21 . 2009-08-06 20:33 548896 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-07-22 18:21 . 2009-08-06 20:33 4809760 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-22 18:21 . 2009-08-06 18:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-07-21 16:15 . 2009-07-21 16:15 176288 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-07-21 16:12 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-07-21 16:12 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-07-21 16:12 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-07-21 16:11 . 2009-07-21 16:13 -------- d-----w- C:\0daa5744fb0a3984939800dafcad
2009-07-21 16:11 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-07-21 15:56 . 2009-07-21 15:56 -------- d--h--r- C:\AHCache
2009-07-20 16:35 . 2008-09-26 15:01 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-07-20 16:35 . 2008-09-26 15:01 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-07-20 16:35 . 2008-09-26 15:01 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-07-20 16:35 . 2008-09-26 15:00 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-07-20 16:34 . 2009-07-20 16:37 -------- d-----w- c:\program files\Afaq Wireless
2009-07-16 03:19 . 2009-07-16 03:19 -------- d-----w- c:\documents and settings\esam\Application Data\ESTsoft
2009-07-16 03:18 . 2009-07-16 03:18 -------- d-----w- c:\documents and settings\All Users\Application Data\ESTsoft
2009-07-16 03:18 . 2009-07-16 03:18 -------- d-----w- c:\program files\ESTsoft
2009-07-16 02:53 . 2009-07-16 02:53 -------- d-----w- c:\program files\VeryPDF PDF2Word v3.0
2009-07-16 02:14 . 2009-07-16 02:14 -------- d-----w- c:\windows\tiinst
2009-07-16 02:12 . 2009-01-07 14:57 27784 ----a-w- c:\windows\system32\drivers\point32.sys
2009-07-16 02:12 . 2009-07-16 02:12 -------- d-----w- c:\program files\Microsoft IntelliPoint
2009-07-16 02:04 . 2009-06-16 09:05 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-07-16 02:03 . 2009-07-16 02:03 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Intel
2009-07-16 02:03 . 2009-07-16 02:03 -------- d-----w- c:\documents and settings\LocalService\Application Data\Intel
2009-07-16 02:01 . 2009-07-16 02:01 -------- d-----w- c:\program files\Common Files\Intel
2009-07-16 02:01 . 2009-07-16 02:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Intel
2009-07-16 01:32 . 2009-07-16 01:32 -------- d-----w- c:\program files\Driver-Soft
2009-07-15 00:07 . 2009-07-15 00:09 -------- d-----w- c:\documents and settings\esam\Application Data\translateclient
2009-07-15 00:04 . 2009-07-15 00:04 -------- d-----w- c:\program files\Translate Client
2009-07-14 23:11 . 2009-07-09 08:01 110592 ----a-w- c:\documents and settings\esam\Application Data\Mozilla\Firefox\Profiles\anz6oc1o.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
2009-07-14 22:14 . 2009-07-14 22:14 -------- d-----w- C:\Mp3 Output
2009-07-14 22:14 . 2009-06-08 12:33 8676883 ----a-w- c:\windows\system32\mp3Media2.dll
2009-07-14 22:14 . 2009-07-14 22:14 -------- d-----w- c:\program files\Smallvideosoft
2009-07-14 22:13 . 2009-07-14 22:13 -------- d-----w- c:\program files\HooTech
2009-07-14 20:25 . 2009-07-25 00:43 -------- d-----w- c:\documents and settings\esam\سطح المكتب

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-06 20:33 . 2009-07-22 18:21 5052 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-08-06 20:33 . 2009-07-22 18:21 40752 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-08-06 20:19 . 2009-06-10 17:06 323903 ----a-w- c:\documents and settings\esam\Application Data\Mozilla\Firefox\Profiles\anz6oc1o.default\FlashGot.exe
2009-08-06 20:18 . 2008-08-12 19:14 -------- d-----w- c:\documents and settings\esam\Application Data\DMCache
2009-08-06 19:44 . 2008-08-13 04:48 -------- d-----w- c:\documents and settings\esam\Application Data\Nokia
2009-08-06 18:29 . 2008-08-14 18:43 -------- d-----w- c:\documents and settings\esam\Application Data\AvaFind Data
2009-08-05 23:21 . 2008-08-12 17:46 89408 ----a-w- c:\documents and settings\esam\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-05 22:44 . 1998-06-17 21:00 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2009-08-05 22:43 . 2008-09-19 00:13 286720 ------w- c:\windows\Setup1.exe
2009-08-05 22:17 . 2008-08-25 03:24 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-04 17:40 . 2008-08-31 03:11 -------- d-----w- c:\program files\Disk Drive Administrator
2009-08-03 03:25 . 2008-08-29 22:01 -------- d-----w- c:\program files\Video Convert Premier
2009-08-02 23:33 . 2008-08-12 18:13 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-02 21:15 . 2008-10-15 18:10 -------- d-----w- c:\program files\HP
2009-08-02 21:14 . 2008-10-15 18:14 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-07-30 00:32 . 2009-07-05 23:15 -------- d-----w- c:\program files\************
2009-07-26 02:29 . 2008-08-14 21:13 -------- d-----w- c:\program files\QuickTime Alternative
2009-07-26 02:28 . 2008-08-14 21:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-07-22 19:45 . 2008-08-29 22:33 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-22 19:02 . 2008-01-29 14:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-07-22 18:21 . 2008-08-12 10:56 -------- d-----w- c:\program files\Kaspersky Lab
2009-07-22 18:03 . 2008-08-12 10:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-07-21 19:47 . 2001-09-19 12:00 67930 ----a-w- c:\windows\system32\perfc001.dat
2009-07-21 19:47 . 2001-09-19 12:00 367424 ----a-w- c:\windows\system32\perfh001.dat
2009-07-21 15:46 . 2009-07-21 15:46 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
2009-07-21 15:16 . 2009-04-03 21:45 -------- d-----w- c:\documents and settings\esam\Application Data\dvdcss
2009-07-20 18:28 . 2009-01-21 18:47 -------- d-----w- c:\documents and settings\esam\Application Data\IDM
2009-07-20 15:31 . 2009-01-07 19:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-07-16 03:02 . 2008-12-31 02:48 -------- d-----w- c:\documents and settings\esam\Application Data\SolidDocuments
2009-07-16 02:09 . 2008-08-12 18:20 -------- d-----w- c:\program files\Intel
2009-07-15 00:08 . 2009-04-29 03:28 -------- d-----w- c:\program files\Uniblue
2009-07-05 23:00 . 2009-07-05 23:00 752 ----a-w- c:\program files\Common Files\uninstal.log
2009-07-05 22:59 . 2008-08-29 22:02 -------- d-----w- c:\documents and settings\esam\Application Data\Vso
2009-07-05 22:59 . 2008-08-29 22:02 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-07-05 22:59 . 2008-08-29 22:02 47360 ----a-w- c:\documents and settings\esam\Application Data\pcouffin.sys
2009-07-05 22:59 . 2008-08-29 22:02 47360 ----a-w- c:\documents and settings\esam\Application Data\pcouffin.sys
2009-07-05 19:42 . 2008-08-14 19:27 -------- d-----w- c:\program files\Save Flash
2009-07-05 17:55 . 2009-07-05 17:48 -------- d-----w- c:\program files\Your Uninstaller 2008
2009-07-05 17:54 . 2009-07-05 17:54 -------- d-----w- c:\documents and settings\esam\Application Data\ESET
2009-07-05 17:53 . 2009-07-02 01:41 -------- d-----w- c:\program files\ESET
2009-07-05 17:53 . 2009-07-02 01:41 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-07-05 17:45 . 2009-04-29 03:28 -------- d-----w- c:\documents and settings\esam\Application Data\Uniblue
2009-07-05 17:25 . 2009-06-11 19:26 -------- d-----w- c:\program files\MSN Messenger
2009-07-05 14:47 . 2009-01-21 18:39 -------- d-----w- c:\program files\Internet Download Manager
2009-07-05 13:05 . 2009-04-29 03:22 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-07-05 11:59 . 2009-07-05 11:59 -------- d-----w- c:\program files\Common Files\xing shared
2009-07-05 11:59 . 2008-08-12 19:06 -------- d-----w- c:\program files\Common Files\Real
2009-07-02 02:52 . 2009-06-11 19:15 -------- d-----w- c:\program files\Smarty Uninstaller Pro
2009-07-02 02:50 . 2008-11-19 18:51 -------- d-----w- c:\program files\SimpleCenter
2009-07-02 02:50 . 2008-08-27 05:27 -------- d-----w- c:\program files\Real_SC
2009-07-02 02:50 . 2008-08-20 23:26 -------- d-----w- c:\program files\Real Alternative
2009-07-02 02:46 . 2009-04-23 20:20 -------- d-----w- c:\program files\Neat Image
2009-07-02 02:43 . 2009-03-31 12:06 -------- d-----w- c:\program files\Mobily Connect Card
2009-07-02 02:40 . 2008-08-20 23:31 -------- d-----w- c:\program files\JetAudio
2009-07-02 02:34 . 2008-09-26 02:01 -------- d-----w- c:\program files\FLIP Flash Album Deluxe
2009-07-02 02:34 . 2009-01-02 07:15 -------- d-----w- c:\program files\FirefoxPreloader
2009-07-02 02:33 . 2009-04-03 22:08 -------- d-----w- c:\program files\eTeSoft Video Converter
2009-07-02 02:33 . 2008-09-01 02:40 -------- d-----w- c:\program files\Ela-Salaty
2009-07-02 02:31 . 2008-08-26 01:07 -------- d-----w- c:\program files\ContextConvert Pro
2009-07-02 02:02 . 2009-04-29 03:26 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
2009-07-02 02:02 . 2008-08-26 01:07 -------- d-----w- c:\documents and settings\All Users\Application Data\{0DF24E74-E0DC-43DE-BE71-09722967B823}
2009-06-18 02:35 . 2009-06-18 02:35 -------- d-----w- c:\program files\IObit
2009-06-18 00:31 . 2008-08-12 18:15 -------- d-----w- c:\program files\TOSHIBA
2009-06-17 06:51 . 2009-07-05 19:26 781435 ----a-w- c:\documents and settings\esam\Application Data\Mozilla\Firefox\Profiles\anz6oc1o.default\extensions\firedownload@mozilla.org\Download.dll
2009-06-11 20:43 . 2009-06-10 18:36 -------- d-----w- c:\program files\SiLeNtt
2009-06-11 19:20 . 2009-06-11 19:20 90112 ----a-w- c:\documents and settings\esam\Application Data\Thinstall\Windows Live Essentials\300000003400002i\dwwin.exe
2009-06-10 21:17 . 2009-01-07 20:01 -------- d-----w- c:\documents and settings\esam\Application Data\skypePM
2009-06-10 19:33 . 2009-06-10 19:33 90112 ----a-w- c:\documents and settings\esam\Application Data\Thinstall\Windows Live Essentials\400000800002i\wlcomm.exe
2009-06-10 19:32 . 2008-08-29 21:27 -------- d-----w- c:\documents and settings\esam\Application Data\Thinstall
2009-06-10 16:16 . 2008-08-12 18:29 155648 ----a-w- c:\windows\system32\RAMASST.exe
2009-06-10 15:59 . 2008-08-12 10:38 23380 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-10 15:10 . 2009-04-23 23:22 -------- d-----w- c:\program files\Download Direct
2009-06-07 20:29 . 2008-11-04 21:45 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2009-06-04 18:18 . 2008-12-26 01:20 253139 ----a-w- c:\windows\PDFCreator_Toolbar_Uninstaller_9046.exe
2009-05-26 08:07 . 2009-05-26 08:07 84952 ----a-w- c:\windows\system32\OnlineScannerUninstaller.exe
2009-05-26 08:07 . 2009-05-26 08:07 117912 ----a-w- c:\windows\system32\OnlineScannerLang.dll
2009-05-26 08:07 . 2009-05-26 08:07 262112 ----a-w- c:\windows\system32\OnlineScannerDLLA.dll
2009-05-26 08:07 . 2009-05-26 08:07 245632 ----a-w- c:\windows\system32\OnlineScannerDLLW.dll
2009-05-26 08:07 . 2009-05-26 08:07 146752 ----a-w- c:\windows\system32\lnod32umc.dll
2009-05-26 08:07 . 2009-05-26 08:07 113792 ----a-w- c:\windows\system32\lnod32upd.dll
2009-05-26 08:07 . 2009-05-26 08:07 233352 ----a-w- c:\windows\system32\lnod32apiW.dll
2009-05-26 08:07 . 2009-05-26 08:07 204512 ----a-w- c:\windows\system32\lnod32apiA.dll
2008-12-09 03:59 . 2008-08-14 22:50 2788800 ----a-w- c:\program files\FLV PlayerFCSetup.exe
2008-08-14 22:49 . 2008-08-14 22:43 2551808 ----a-w- c:\program files\FLV PlayerRCATSetup.exe
2008-08-14 22:42 . 2008-08-14 22:41 411248 ----a-w- c:\program files\FLV PlayerRCSetup.exe
2008-03-09 03:25 . 2009-07-28 20:48 236 ---ha-w- c:\program files\Common Files\dx.reg
2009-04-24 04:52 . 2009-06-07 16:25 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2008-09-19 01:22 . 2008-09-19 01:22 82694 --shatr- c:\windows\UHQORAYOMAMHAIWENWID.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-07-30_00.53.52 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-03-11 18:32 . 2007-03-11 18:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80KOR.dll
+ 2007-10-19 17:46 . 2007-10-19 17:46 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80KOR.dll
- 2007-03-11 18:32 . 2007-03-11 18:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80JPN.dll
+ 2007-10-19 17:46 . 2007-10-19 17:46 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80JPN.dll
- 2007-03-11 18:32 . 2007-03-11 18:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80ITA.dll
+ 2007-10-19 17:46 . 2007-10-19 17:46 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80ITA.dll
- 2007-03-11 18:32 . 2007-03-11 18:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80FRA.dll
+ 2007-10-19 17:46 . 2007-10-19 17:46 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80FRA.dll
+ 2007-10-19 17:46 . 2007-10-19 17:46 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80ESP.dll
- 2007-03-11 18:32 . 2007-03-11 18:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80ESP.dll
+ 2007-10-19 17:46 . 2007-10-19 17:46 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80ENU.dll
- 2007-03-11 18:32 . 2007-03-11 18:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80ENU.dll
- 2007-03-11 18:32 . 2007-03-11 18:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80DEU.dll
+ 2007-10-19 17:46 . 2007-10-19 17:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80DEU.dll
+ 2007-10-19 17:46 . 2007-10-19 17:46 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80CHT.dll
- 2007-03-11 18:32 . 2007-03-11 18:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80CHT.dll
+ 2007-10-19 17:46 . 2007-10-19 17:46 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80CHS.dll
- 2007-03-11 18:32 . 2007-03-11 18:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80CHS.dll
+ 2007-10-31 11:45 . 2007-10-31 11:45 12288 c:\windows\Twunk_32.dll
+ 2007-10-31 11:45 . 2007-10-31 11:45 12288 c:\windows\Twunk_16.dll
+ 2009-08-02 21:10 . 2007-07-31 10:52 57344 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpuac5mu.dll
+ 2009-08-02 21:10 . 2007-07-31 10:52 57344 c:\windows\system32\spool\drivers\w32x86\3\hpuac5mu.dll
+ 2008-08-12 19:56 . 2009-08-04 22:57 89101 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2006-11-08 13:35 . 2006-11-08 13:35 20480 c:\windows\system32\hpzisn12.dll
+ 2006-11-08 13:35 . 2006-11-08 13:35 29696 c:\windows\system32\hpzipt12.dll
+ 2006-11-08 13:35 . 2006-11-08 13:35 33280 c:\windows\system32\HPZipr12.dll
+ 2006-11-08 13:35 . 2006-11-08 13:35 53248 c:\windows\system32\HPZipm12.dll
+ 2006-11-08 13:35 . 2006-11-08 13:35 43520 c:\windows\system32\HPZinw12.dll
+ 2006-11-08 13:35 . 2006-11-08 13:35 49152 c:\windows\system32\HPZidr12.dll
+ 2009-08-02 21:06 . 2007-10-30 09:25 16800 c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\drivers\dot4\WinxP\Hppaufd0.sys
+ 2009-08-02 21:06 . 2007-10-30 09:25 21568 c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\drivers\dot4\Win2000\HPZius12.sys
+ 2009-08-02 21:06 . 2007-10-30 09:25 16496 c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\drivers\dot4\Win2000\hpzipr12.sys
+ 2009-08-02 21:06 . 2007-10-30 09:25 49920 c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\drivers\dot4\Win2000\hpzid412.sys
+ 2009-08-02 21:06 . 2007-10-30 09:25 16496 c:\windows\system32\DRVSTORE\hpzipr13_2BA7123A2B001C782F00BD878EE3E5AB9802BA28\drivers\dot4\Win2000\HPZipr12.sys
+ 2009-08-02 21:06 . 2007-10-30 09:25 21568 c:\windows\system32\DRVSTORE\hpzipa13_A7DBD9D5978C82F6DF51BD5B2874D5189981C606\drivers\dot4\Win2000\HPZius12.sys
+ 2009-08-02 21:06 . 2007-10-30 09:25 16496 c:\windows\system32\DRVSTORE\hpzipa13_A7DBD9D5978C82F6DF51BD5B2874D5189981C606\drivers\dot4\Win2000\HPzipr12.sys
+ 2009-08-02 21:06 . 2007-10-30 09:25 49920 c:\windows\system32\DRVSTORE\hpzipa13_A7DBD9D5978C82F6DF51BD5B2874D5189981C606\drivers\dot4\Win2000\HPZid412.sys
+ 2009-08-02 21:06 . 2007-10-30 09:25 49920 c:\windows\system32\DRVSTORE\hpzid413_F2DA46DE686A3E981420574C9735FC7A1D1CEC02\drivers\dot4\Win2000\HPZid412.sys
+ 2009-08-05 22:17 . 2001-03-14 13:06 12288 c:\windows\system32\Adobe\SVG Viewer\SVGRSRC.dll
+ 2009-08-02 21:06 . 2009-08-02 21:06 68096 c:\windows\Installer\2df529.msi
+ 2009-08-02 21:27 . 2009-08-02 21:27 25214 c:\windows\Installer\{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}\NewShortcut11.E6275AC6_5F4F_4F0B_987B_C7E51AB63AA0.exe
+ 2009-08-02 21:27 . 2009-08-02 21:27 25214 c:\windows\Installer\{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}\NewShortcut1.E6275AC6_5F4F_4F0B_987B_C7E51AB63AA0.exe
+ 2009-08-02 21:20 . 2009-08-02 21:20 65536 c:\windows\Installer\{5ACE69F0-A3E8-44eb-88C1-0A841E700180}\NewShortcut1.A6CC6977_F7B4_4C0B_9510_BCD847D4BDB2.exe
+ 2009-08-02 21:27 . 2009-08-02 21:27 65536 c:\windows\Installer\{11B83AD3-7A46-4C2E-A568-9505981D4C6F}\ARPPRODUCTICON.exe
+ 2008-08-12 18:01 . 2006-12-21 12:18 497496 c:\windows\system32\XCEEDZIP.DLL
+ 2009-08-02 21:10 . 2007-10-20 15:21 278016 c:\windows\system32\spool\prtprocs\w32x86\hpzpp5mu.dll
+ 2009-08-02 21:10 . 2007-03-09 07:03 761344 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\UNIRES.DLL
+ 2009-08-02 21:10 . 2007-03-09 07:03 740864 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\UNIDRVUI.DLL
+ 2009-08-02 21:10 . 2007-03-09 07:03 372736 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\UNIDRV.DLL
+ 2009-08-02 21:10 . 2007-10-20 15:19 674816 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpzss5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:21 854016 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpzse5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:22 302592 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpzpr5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:21 783872 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpzle5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:22 790528 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpzev5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:25 235008 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpzc35mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:14 977920 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpz3c5mu.dll
+ 2009-08-02 21:10 . 2007-06-29 08:56 113664 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpfrs5mu.dll
+ 2009-08-02 21:10 . 2007-08-10 07:06 356352 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpfig5mu.dll
+ 2009-08-02 21:10 . 2007-06-29 08:55 326144 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpfie5mu.dll
+ 2009-08-02 21:10 . 2006-11-30 08:14 671816 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpcdmc32.dll
+ 2009-08-02 21:10 . 2007-10-20 15:19 674816 c:\windows\system32\spool\drivers\w32x86\3\hpzss5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:21 854016 c:\windows\system32\spool\drivers\w32x86\3\hpzse5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:22 302592 c:\windows\system32\spool\drivers\w32x86\3\hpzpr5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:21 783872 c:\windows\system32\spool\drivers\w32x86\3\hpzle5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:22 790528 c:\windows\system32\spool\drivers\w32x86\3\hpzev5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:25 235008 c:\windows\system32\spool\drivers\w32x86\3\hpzc35mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:14 977920 c:\windows\system32\spool\drivers\w32x86\3\hpz3c5mu.dll
+ 2009-08-02 21:10 . 2007-06-29 08:56 113664 c:\windows\system32\spool\drivers\w32x86\3\hpfrs5mu.dll
+ 2009-08-02 21:10 . 2007-08-10 07:06 356352 c:\windows\system32\spool\drivers\w32x86\3\hpfig5mu.dll
+ 2009-08-02 21:10 . 2007-06-29 08:55 326144 c:\windows\system32\spool\drivers\w32x86\3\hpfie5mu.dll
+ 2009-07-18 03:12 . 2009-07-18 03:12 257440 c:\windows\system32\Macromed\Flash\FlashUtil10c.exe
+ 2008-10-15 18:06 . 2007-11-08 14:52 271704 c:\windows\system32\hpzids01.dll
+ 2008-08-12 13:29 . 2009-08-06 17:21 326704 c:\windows\system32\FNTCACHE.DAT
+ 2009-08-02 21:06 . 2007-10-30 09:25 282624 c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\HPZc3212.dll
+ 2009-08-02 21:06 . 2007-10-30 09:25 372736 c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\drivers\dot4\Win2000\hppldcoi.dll
+ 2009-08-02 21:06 . 2007-10-30 09:25 309760 c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\drivers\dot4\Win2000\difxapi.dll
+ 2009-08-02 21:06 . 2007-10-30 09:25 282624 c:\windows\system32\DRVSTORE\hpzipa13_A7DBD9D5978C82F6DF51BD5B2874D5189981C606\HPZc3212.dll
+ 2009-08-02 21:06 . 2007-10-30 09:25 372736 c:\windows\system32\DRVSTORE\hpzipa13_A7DBD9D5978C82F6DF51BD5B2874D5189981C606\drivers\dot4\Win2000\hppldcoi.dll
+ 2009-08-02 21:06 . 2007-10-30 09:25 309760 c:\windows\system32\DRVSTORE\hpzipa13_A7DBD9D5978C82F6DF51BD5B2874D5189981C606\drivers\dot4\Win2000\difxapi.dll
+ 2009-08-02 21:05 . 2007-10-30 09:11 729088 c:\windows\system32\DRVSTORE\hpof2200_s_ED3F22677072FC6142D86F46F93ED1B09FCAF22C\drivers\scanner\x32\hpowiax7.dll
+ 2009-08-02 21:05 . 2007-10-30 09:11 303104 c:\windows\system32\DRVSTORE\hpof2200_s_ED3F22677072FC6142D86F46F93ED1B09FCAF22C\drivers\scanner\x32\hpovst15.dll
+ 2009-08-02 21:05 . 2007-10-21 16:45 229376 c:\windows\system32\DRVSTORE\hpof2200_s_ED3F22677072FC6142D86F46F93ED1B09FCAF22C\drivers\scanner\x32\hpotsti1.dll
+ 2009-08-02 21:05 . 2007-10-30 09:11 581632 c:\windows\system32\DRVSTORE\hpof2200_s_ED3F22677072FC6142D86F46F93ED1B09FCAF22C\drivers\scanner\x32\hpotscl6.dll
+ 2009-08-02 21:05 . 2007-10-30 09:25 372736 c:\windows\system32\DRVSTORE\hpof2200_s_ED3F22677072FC6142D86F46F93ED1B09FCAF22C\drivers\dot4\Win2000\hppldcoi.dll
+ 2009-08-02 21:05 . 2007-10-30 09:25 309760 c:\windows\system32\DRVSTORE\hpof2200_s_ED3F22677072FC6142D86F46F93ED1B09FCAF22C\drivers\dot4\Win2000\difxapi.dll
+ 2009-08-02 21:06 . 2007-11-08 14:52 271704 c:\windows\system32\DRVSTORE\hpf2200a_21060AE15D679CBAF97C26D4E680E8EF9799FDD8\hpzids01.dll
+ 2009-04-29 04:04 . 2007-10-30 09:25 309760 c:\windows\system32\difxapi.dll
+ 2009-08-05 22:17 . 2001-03-14 13:14 491574 c:\windows\system32\Adobe\SVG Viewer\SVGControl.dll
+ 2009-08-05 22:17 . 2001-03-14 13:10 299059 c:\windows\system32\Adobe\SVG Viewer\NPSVGVw.dll
+ 2009-08-05 22:17 . 2001-04-16 15:39 147456 c:\windows\system32\Adobe\SVG Viewer\Bib.dll
+ 2009-08-05 22:17 . 2001-04-16 15:39 397312 c:\windows\system32\Adobe\SVG Viewer\AceLite.dll
+ 2008-08-12 18:32 . 2002-09-04 10:42 343162 c:\windows\IsUninst.exe
+ 2009-08-02 21:40 . 2009-08-02 21:40 476672 c:\windows\Installer\38337.msi
+ 2009-08-02 21:38 . 2009-08-02 21:38 324608 c:\windows\Installer\38330.msi
+ 2009-08-02 21:38 . 2009-08-02 21:38 301568 c:\windows\Installer\38328.msi
+ 2009-08-02 21:37 . 2009-08-02 21:37 635392 c:\windows\Installer\38321.msi
+ 2009-08-02 21:27 . 2009-08-02 21:27 375808 c:\windows\Installer\2df656.msi
+ 2009-08-02 21:27 . 2009-08-02 21:27 691712 c:\windows\Installer\2df64e.msi
+ 2009-08-02 21:26 . 2009-08-02 21:26 596480 c:\windows\Installer\2df642.msi
+ 2009-08-02 21:24 . 2009-08-02 21:24 472576 c:\windows\Installer\2df630.msi
+ 2009-08-02 21:24 . 2009-08-02 21:24 444416 c:\windows\Installer\2df621.msi
+ 2009-08-02 21:22 . 2009-08-02 21:22 610816 c:\windows\Installer\2df60c.msi
+ 2009-08-02 21:20 . 2009-08-02 21:20 550912 c:\windows\Installer\2df5fb.msi
+ 2009-08-02 21:19 . 2009-08-02 21:19 647680 c:\windows\Installer\2df5ee.msi
+ 2009-08-02 21:18 . 2009-08-02 21:18 367616 c:\windows\Installer\2df5db.msi
+ 2009-08-02 21:17 . 2009-08-02 21:17 748544 c:\windows\Installer\2df5cf.msi
+ 2009-08-02 21:15 . 2009-08-02 21:15 634880 c:\windows\Installer\2df5b4.msi
+ 2009-08-02 21:13 . 2009-08-02 21:13 795648 c:\windows\Installer\2df58e.msi
+ 2009-08-02 21:12 . 2009-08-02 21:12 321024 c:\windows\Installer\2df583.msi
+ 2009-08-02 21:12 . 2009-08-02 21:12 591360 c:\windows\Installer\2df57c.msi
+ 2009-08-02 21:11 . 2009-08-02 21:11 519680 c:\windows\Installer\2df570.msi
+ 2009-08-02 21:09 . 2009-08-02 21:09 432640 c:\windows\Installer\2df55c.msi
+ 2009-08-02 21:08 . 2009-08-02 21:08 326144 c:\windows\Installer\2df546.msi
+ 2009-08-02 21:08 . 2009-08-02 21:08 501248 c:\windows\Installer\2df535.msi
+ 2009-08-04 18:16 . 2009-08-04 18:16 601600 c:\windows\Installer\1045f2d.msi
+ 2009-08-02 21:27 . 2009-08-02 21:27 689456 c:\windows\Installer\{11B83AD3-7A46-4C2E-A568-9505981D4C6F}\HPSUShortcut_BB85ED9CAFC943BDB8DC258C3C7DF72E.exe
+ 2006-09-22 10:31 . 2006-09-22 10:31 397312 c:\windows\Downloaded Program Files\imcv1.dll
+ 2009-08-02 21:13 . 2009-08-02 21:13 1230336 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
+ 2009-08-02 21:10 . 2007-10-20 15:13 1176576 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpzur5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:22 3354112 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpzui5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:33 6312448 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpzst5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:24 5193728 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpzla5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:25 1789440 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpz3r5mu.dll
+ 2009-08-02 21:10 . 2007-09-14 10:52 3019264 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f2200_seri87c7\hpbcfgre.dll
+ 2009-08-02 21:10 . 2007-10-20 15:13 1176576 c:\windows\system32\spool\drivers\w32x86\3\hpzur5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:22 3354112 c:\windows\system32\spool\drivers\w32x86\3\hpzui5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:33 6312448 c:\windows\system32\spool\drivers\w32x86\3\hpzst5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:24 5193728 c:\windows\system32\spool\drivers\w32x86\3\hpzla5mu.dll
+ 2009-08-02 21:10 . 2007-10-20 15:25 1789440 c:\windows\system32\spool\drivers\w32x86\3\hpz3r5mu.dll
+ 2008-10-15 18:05 . 2007-09-14 10:52 3019264 c:\windows\system32\spool\drivers\w32x86\3\hpbcfgre.dll
+ 2007-12-20 08:05 . 2007-12-20 08:05 1645320 c:\windows\system32\gdiplus.dll
+ 2009-08-05 22:17 . 2001-03-14 13:07 1597491 c:\windows\system32\Adobe\SVG Viewer\SVGView.dll
+ 2009-08-05 22:17 . 2002-09-12 18:13 1441792 c:\windows\system32\Adobe\SVG Viewer\CoolType.dll
+ 2009-08-05 22:17 . 2001-09-05 13:10 1138688 c:\windows\system32\Adobe\SVG Viewer\Agm.dll
+ 2009-08-02 21:27 . 2009-08-02 21:27 1505792 c:\windows\Installer\2df65e.msi
+ 2009-07-17 17:12 . 2009-07-17 17:12 1962160 c:\windows\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-01-14 1784856]
"{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}"= "c:\program files\************\tb4sh1.dll" [2009-07-30 2215960]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CLASSES_ROOT\clsid\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}]
2009-07-30 00:32 2215960 ----a-w- c:\program files\************\tb4sh1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2009-01-14 12:57 1784856 ----a-w- c:\program files\Freecorder\tbFre0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-01-14 1784856]
"{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}"= "c:\program files\************\tb4sh1.dll" [2009-07-30 2215960]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CLASSES_ROOT\clsid\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}"= "c:\program files\************\tb4sh1.dll" [2009-07-30 2215960]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-01-14 1784856]

[HKEY_CLASSES_ROOT\clsid\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2008-10-09 932864]
"msnmsgr"="c:\program files\Windows Live Messenger Khalid Edition v5.5 Arabic\MsnMsgr.Exe" [2008-03-02 5725208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-05 185896]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"USBFW"="c:\program files\Net Studio\USB FireWall\USB FireWall.exe" [2008-09-01 1330688]
"DWPersistentQueuedReporting"="c:\program files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE" [2007-02-25 437160]
"TrafficCompressor"="c:\program files\TrafficCompressor\TCompres.exe" [2009-04-24 2383584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="Explorer.exe "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\English\\setup.exe"=
"c:\\Documents and Settings\\esam\\My Documents\\Downloads\\Compressed\\Portable Windows Live Messenger 2009 14.0.8064.0206\\Windows Live Messenger 2009 14.0.8064.0206.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\TTMessenger\\ttmessenger2.exe"=
"c:\\Program Files\\Windows Live Messenger Khalid Edition v5.5 Arabic\\msnmsgr.exe"=

S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 05:29 م 33808]
S2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [17/10/2008 04:10 ص 56344]
S2 SCPDFV4ReadSpool;SolidConverterPDFv4ReadSpool;c:\windows\Installer\MSI54.tmp [02/01/2009 01:01 م 189688]
S2 SVI_Deleter_Ciuly;System Volume Information Deleter;c:\program files\Ciuly\SVI Deleter\svi_deleter.exe [28/07/2009 10:58 م 834560]
S3 fsssvc;Windows Live Family Safety;"c:\program files\Windows Live\Family Safety\fsssvc.exe" --> c:\program files\Windows Live\Family Safety\fsssvc.exe [?]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 05:06 م 24592]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - PXHELP20

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{561B9B00-CA7D-BC57-6587-5A5BEA2321A4}]
c:\program files\Setup .exe\Setup .exe
.
Contents of the 'Scheduled Tasks' folder

2009-07-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 09:34]

2009-07-16 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2009-01-07 14:57]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = local;<local>
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
LSP: c:\windows\system32\idmmbc.dll
LSP: c:\program files\TrafficCompressor\TCompLsp.dll
Trusted Zone: saudiairlines.com\

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://67.228.235.166:1999/ReadUid.CAB
FF - ProfilePath - c:\documents and settings\esam\Application Data\Mozilla\Firefox\Profiles\anz6oc1o.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - 4shared Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.sa/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\esam\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\esam\Application Data\Mozilla\Firefox\Profiles\anz6oc1o.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
FF - component: c:\documents and settings\esam\Application Data\Mozilla\Firefox\Profiles\anz6oc1o.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\esam\Application Data\Mozilla\plugins\npPxPlay.dll
.
.
------- File Associations -------
.
vbefile\shell\edit\command=c:\windows\Notepad.exe %1
vbsfile\shell\edit\command=%SystemRoot%\System32\Notepad.exe %1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Rootkit scan 2009-08-06 23:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCPDFV4ReadSpool]
"ImagePath"="c:\windows\Installer\MSI54.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):6c,c5,99,4e,87,ee,fa,b8,54,e9,c0,b3,8b,b5,7b,05,59,95,f6,e6,8e,
8c,1b,d2,cf,89,c6,3f,52,ef,a7,df,4f,c2,7d,4d,69,ff,be,ff,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):93,ee,1d,5c,9b,98,12,29,2a,53,37,69,20,57,ae,23,d2,48,5c,89,59,
b7,85,2d,72,18,ff,3b,c7,33,d8,de,88,1f,fa,3c,17,85,36,db,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{80c39f48-691d-4119-b238-c24cd5465ddd}]
@Denied: (Full) (Everyone)
"Model"=dword:00000106
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{ffe3ead1-4c67-4efa-9c37-44af17d3a64e}]
@Denied: (Full) (Everyone)
"Model"=dword:00000059
"Therad"=dword:00000022
"MData"=hex(0):cb,9b,ad,ef,27,7d,29,69,f5,02,f0,76,aa,4a,f1,7c,d3,d9,67,7f,6a,
4b,7b,ad,04,7a,b1,b5,76,9b,27,47,57,38,47,20,2e,e8,94,4c,80,3b,ab,9c,3f,67,\

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2009-08-06 23:52
ComboFix-quarantined-files.txt 2009-08-06 20:51
ComboFix2.txt 2009-07-30 01:00

Pre-Run: 11,932,852,224 bytes free
Post-Run: 12,577,873,920 bytes free

523 --- E O F --- 2008-08-15 23:29
 
Awaiting your comments.
 
The report is clean.
Are there any problems remaining?
 